CYBER SECURITY NEWS – WEEK OF NOVEMBER 13, 2023
Maine government says data breach affects 1.3 million people
- The government of Maine has confirmed over a million individuals had personal information stolen in a data breach earlier this year by a Russia-linked ransomware gang.
- In a statement published Thursday, the Maine government said hackers exploited a vulnerability in its MOVEit file-transfer system, which stored sensitive data on state residents.
- The hackers used the vulnerability to access and download files belonging to certain state agencies between May 28 and May 29, the statement read.
- The Maine government said it was disclosing the incident and notifying affected individuals as its assessment of the impacted files “was recently completed.”
McLaren Health Care revealed that a data breach impacted 2.2 million people
- McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive personal information of 2,192,515 people.
- The company became aware of anomalous activity on or about August 22, 2023, and immediately launched an investigation with the help of third-party forensic experts. The investigation revealed that threat actors gained unauthorized access to McLaren’s network between July 28, 2023, and August 23, 2023.
- Exposed information varied by individual and may include some combination of certain individuals’ names, Social Security number, health insurance information, date of birth, and medical information, including billing or claims information, diagnosis, physician information, medical record number, Medicare/Medicaid information, prescription/medication information, and diagnostic and treatment information.
Cyberattack continues to affect operations at Tri-City Medical Center in Oceanside
- While the public hospital district on state Route 78 has continued to receive patients who arrive at its emergency department, the county emergency medical system continues to divert ambulance deliveries to other hospitals.
- In a short statement, hospital management said that it has temporarily halted all elective medical procedures as it works “to restore our systems to full functionality,” after taking its information systems offline when suspicious network activity surfaced Thursday morning.
- It still has not said whether the cybercriminals responsible for infiltrating its data systems have demanded a ransom, which could have privacy implications for patients.
Chess.com faces second data leak: 476,000 scraped user records leaked
- On November 10th, 2023, Hackread.com exclusively reported that threat actors had disclosed a scraped database containing information from Chess.com users.
- The database, containing approximately 828,327 users, was leaked on the notorious Breach Forums.
- Over the weekend, a different threat actor leaked another scraped database from Chess.com, affecting nearly 500,000 (476,121) users of the widely used online platform for chess enthusiasts and social networking.
- Interestingly, another threat actor leaked a scraped database from LinkedIn on the same forum just a couple of days prior; it contained information from 25 million users.
Personal information impacted in breach of computer network, Butler County says
- The county said federal authorities alerted it to suspicious activity on its computer network at the start of October. By the end of October, it determined there was unauthorized access to personally identifiable information, primarily related to criminal court proceedings, maintained on the county network.
- Now, the county is reviewing the data to establish the information involved, the people affected and where those affected reside.
- Once that review is done, the county will provide written notice to those impacted by the breach and offer complimentary credit monitoring services.
- The county has also notified local and federal law enforcement of the incident and says it’s making changes to strengthen its network.
After ChatGPT, Anonymous Sudan took down the Cloudflare website
- Cloudflare confirmed that a DDoS attack took down its website for a few minutes and pointed out that it did not impact other products or services.
- “To be clear, there was no Cloudflare breach. Cloudflare experienced a DDoS attack that caused intermittent connectivity issues to http://www.cloudflare.com for a few minutes. This DDoS attack did not affect any service or product capability that Cloudflare provides, and no customers were impacted by this incident. Cloudflare’s website is deliberately hosted on separate infrastructure and cannot impact Cloudflare services. To be clear, our website is fully functional and up and running.” reads a statement issued by the company to the media.
- “Companies using cloudflare, they can’t even protect their main site, you think they can protect you? No protection can stand in our way Attack duration: 1 hour.” reads the message published on the group’s Telegram channel.